rhel7 interview questions
Top rhel7 frequently asked interview questions
Anyone have any luck with making httpd use rh-php56 from the Red Hat Software Collections?
I see documentation on how to enable the newer version of php at the CLI...but not for making Apache use the new version of PHP installed via the rh-php56 package.
(I should clarify -- this is for a RHEL 7.x box)
Source: (StackOverflow)
I'm trying to install a PHP-based software package in a Red Hat 7 Amazon EC2 instance (ami-8cff51fb) that has had Apache 2.4.6 and PHP 5.4.16 installed on it using yum. The installation fails because it says a particular directory needs to be writable by the webserver with 0755 or 0775 permissions.
The directory in question has 0775 permissions with root:apache ownership. I have verified that the httpd process is being run by the apache user and that the apache user is a member of the apache group.
If I edit /etc/passwd to temporarily give the apache user a login shell and then su to that account, I am able to manually create files as the apache user within the directory using the touch command.
I took a look at the source code of the installer script and identified that it's failing because PHP's is_writable() function is returning false for the directory in question. I created a separate test PHP script to isolate and verify the behaviour I'm seeing:
<?php
$dir = '/var/www/html/limesurvey/tmp';
if (is_writable($dir)) {
echo $dir, ' is writable';
} else {
echo $dir, ' is NOT writable';
}
?>
This outputs the NOT writable message. If I change $dir above to be /tmp then it correctly outputs that /tmp is writable.
If I change the directory permissions to 0777 and/or change the ownership to apache:apache then PHP still reports that the directory isn't writable. I even tried creating a /test directory set up with the same permissions and ownership and my test script still reports it as not writable.
I'm really at a loss as to explain this behaviour, so any ideas would be welcome!
Thanks in advance.
The directory listing for /var/www/html/limesurvey is given below. The tmp and upload directories have 0775 permissions as per Lime Survey's installation instructions. test.php is my test script mentioned above.
[ec2-user@ip-xx-x-x-xxx limesurvey]$ pwd
/var/www/html/limesurvey
[ec2-user@ip-xx-x-x-xxx limesurvey]$ ls -al
total 80
drwxr-xr-x. 20 root apache 4096 Mar 30 11:25 .
drwxr-xr-x. 3 root root 23 Mar 25 14:41 ..
drwxr-xr-x. 2 root apache 38 Mar 10 12:56 admin
drwxr-xr-x. 16 root apache 4096 Mar 10 12:56 application
drwxr-xr-x. 3 root apache 4096 Mar 10 12:56 docs
drwxr-xr-x. 2 root apache 4096 Mar 10 12:56 fonts
drwxr-xr-x. 19 root apache 4096 Mar 10 12:56 framework
-rw-r--r--. 1 root apache 429 Mar 10 12:56 .gitattributes
-rw-r--r--. 1 root apache 399 Mar 10 12:56 .gitignore
-rw-r--r--. 1 root apache 296 Mar 10 12:56 .htaccess
drwxr-xr-x. 4 root apache 4096 Mar 10 12:56 images
-rw-r--r--. 1 root apache 6652 Mar 10 12:56 index.php
drwxr-xr-x. 5 root apache 39 Mar 10 12:56 installer
drwxr-xr-x. 89 root apache 4096 Mar 10 12:56 locale
drwxrwxr-x. 2 root apache 39 Mar 25 14:41 logs
drwxr-xr-x. 4 root apache 49 Mar 10 12:56 plugins
-rw-r--r--. 1 root apache 61 Mar 10 12:56 README
drwxr-xr-x. 4 root apache 4096 Mar 10 12:56 scripts
-rw-r--r--. 1 root apache 380 Mar 10 12:56 .scrutinizer.yml
drwxr-xr-x. 5 root apache 4096 Mar 10 12:56 styles
drwxr-xr-x. 5 root apache 4096 Mar 10 12:56 styles-public
drwxr-xr-x. 12 root apache 4096 Mar 10 12:56 templates
-rw-r--r--. 1 root apache 159 Mar 30 11:11 test.php
drwxr-xr-x. 3 root apache 20 Mar 10 12:56 themes
drwxr-xr-x. 26 root apache 4096 Mar 10 12:56 third_party
drwxrwxr-x. 5 root apache 80 Mar 26 13:45 tmp
drwxrwxr-x. 6 root apache 79 Mar 10 12:57 upload
Running namei -l /var/www/html/limesurvey/tmp gives:
[ec2-user@ip-x-x-x-xxx ~]$ namei -l /var/www/html/limesurvey/tmp
f: /var/www/html/limesurvey/tmp
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root www
drwxr-xr-x root root html
drwxr-xr-x root apache limesurvey
drwxrwxr-x root apache tmp
Source: (StackOverflow)
I'm new to configuring Apache and I'm trying to optimize my Apache server. Reading through the documentation, I found that I should be using the Event MPM instead of the Prefork MPM. Everything was straight forward until this point as I only had to comment out Prefork and uncomment Event in 00-mpm.conf. However, when I restarted Apache, I got the following error -
AH00526: Syntax error on line 31 of /etc/httpd/conf.d/php.conf: Invalid command 'php_value', perhaps misspelled or defined by a module not included in the server configuration
Digging for some more information, I found out that mod_php should not be used with Event. So, I'm commented out php_value in php.conf and also commented out LoadModule in 10-php.conf.
My webpages wouldn't load anymore and I realized that I should be using php-fpm. However, documentation regarding this is really unclear and I'm not sure how to use it. I tried this -
[root@ip-xxx-xx-xx-xxx ~]# yum install php-fpm
Loaded plugins: amazon-id, rhui-lb, search-disabled-repos
Resolving Dependencies
--> Running transaction check
---> Package php70w-fpm.x86_64 0:7.0.4-1.w7 will be installed
--> Processing Dependency: php70w-common(x86-64) = 7.0.4-1.w7 for package: php70w-fpm-7.0.4-1.w7.x86_64
--> Running transaction check
---> Package php70w-common.x86_64 0:7.0.4-1.w7 will be installed
--> Processing Conflict: php70w-common-7.0.4-1.w7.x86_64 conflicts php-common < 5.5.0
--> Finished Dependency Resolution
Error: php70w-common conflicts with php-common-5.4.16-36.el7_1.x86_64
You could try using --skip-broken to work around the problem
You could try running: rpm -Va --nofiles --nodigest
I'm not sure how to proceed and would really appreciate any help with this problem. Thank you!
Source: (StackOverflow)
Platform
RedHat Enterprise Linux 7
WebSphere Liberty Profile 8.5.5.8
Issue
I have several Liberty instances / applications connected to a Liberty Collective Controller, and therefore have ssl and keystores specific to each instance.
At the same time many of the applications connect externally / outbound to different https:// and are in the need of storing root certificates from Commodo, Buypass, Thawte, etc. to avoid The signer might need to be added to local trust store and could not build a valid CertPath, etc.
Goal
Use server (Java / RedHat) provided CA root certificate stores unchanged, and use a "pr-instance" truststore where private certificates are imported - in combination.
Question
Is it possible to combine a "personal" truststore with a server provided truststore (or two), i.e. from the Java installed /opt/Liberty/java/java_1.8_64/jre/lib/security/cacerts file or the RPM package ca-certificates
And if so - how?
My current ssl configuration looks like this:
<!-- Connection to the collective controller -->
<collectiveMember controllerHost="<server>"
controllerPort="<port>" />
<!-- clientAuthenticationSupported set to enable bidirectional trust -->
<ssl id="defaultSSLConfig"
keyStoreRef="defaultKeyStore"
trustStoreRef="defaultTrustStore"
clientAuthenticationSupported="true" />
<!-- inbound (HTTPS) keystore -->
<keyStore id="defaultKeyStore" password="******"
location="${server.config.dir}/resources/security/key.jks" />
<!-- inbound (HTTPS) truststore -->
<keyStore id="defaultTrustStore" password="*****"
location="${server.config.dir}/resources/security/trust.jks" />
<!-- server identity keystore -->
<keyStore id="serverIdentity" password="******"
location="${server.config.dir}/resources/collective/serverIdentity.jks" />
<!-- collective truststore -->
<keyStore id="collectiveTrust" password="*******"
location="${server.config.dir}/resources/collective/collectiveTrust.jks" />
Source: (StackOverflow)
This is not a duplicate because the suggested article references a general question. My question refers to how do you fix paths after two versions are installed.
Im working in RHEL 7 and accidentally installed Python2.7 on top of Python3.5... long story, it happened. I need to use 2.7 for my scripts. I tried creating a sym link and that works, but yum is still not working. Also, if I install anything with pip, it's putting it into /usr/local/lib/python3.5/site-packages. Suggestions how to fix this? I've been googling for hours and I'm pulling my hair out. Thank you in advance.
pip version:
# pip --version
pip 8.0.2 from /usr/local/lib/python3.5/site-packages (python 3.5)
created link to 2.7 version:
# ln -s /usr/local/bin/python2.7 /usr/bin/python
python location:
# which python
/usr/bin/python
check version:
# python
Python 2.7.11 (default, Mar 3 2016, 08:44:22)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>quit()
tried to use yum:
# yum update
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:
No module named yum
Please install a package which provides this module, or
verify that the module is installed correctly.
It's possible that the above module doesn't match the
current version of Python, which is:
2.7.11 (default, Mar 3 2016, 08:44:22)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)]
If you cannot solve this problem yourself, please go to
the yum faq at:
http://yum.baseurl.org/wiki/Faq
pip version has not changed after uninstalling/reinstalling
# pip --version
pip 8.0.2 from /usr/local/lib/python3.5/site-packages (python 3.5)
Source: (StackOverflow)
I am merging ansible into our internal RHN satellite. I have a fully updated RHEL 7 base repo, extras, supplementary, optional, and RHN tools from Red Hat.
I have also merged selected packages into a epel repo when we need them. This for example is where ansible is going to live.
In centos7:
python-crypto x86_64 2.6.1-1.el7.centos extras 470 k
python-ecdsa noarch 0.11-3.el7.centos extras 69 k
These 2 packages are dependencies for ansible and are in the extras repo for centos7. They are however missing from Red Hat Enterprise Linux 7 extras.
I was always under the impression that there would not be packages offically released from Centos that would not also be offically released from Red Hat.
My issue is that I don't want to put this in my epel repo cause it's not epel. This is first time that I have ever experienced that there are packages offered by centos that are not a part of the corresponding Red Hat distribution. Version differences I can understand, but a missing package seems odd to me.
Is this an error? Should this not happen?
Source: (StackOverflow)
I need help regarding my cluster error:
[root@db2]# pcs status
Cluster name: oracluster
Last updated: Mon Feb 22 16:00:12 2016
Last change: Mon Feb 22 15:45:14 2016
Stack: corosync
Current DC: db2 (2) - partition with quorum
Version: 1.1.12-a14efad
2 Nodes configured
5 Resources configured
Online: [ db1 db2 ]
Full list of resources:
ClusterVIP (ocf::heartbeat:IPaddr2): Started db2
Clone Set: dlm-clone [dlm]
Stopped: [ db1 db2 ]
Clone Set: clvmd-clone [clvmd]
Stopped: [ db1 db2 ]
Failed actions:
dlm_start_0 on db2 'not configured' (6): call=18, status=complete, exit-reason='none', last-rc-change='Mon Feb 22 15:57:04 2016', queued=0ms, exec=34ms
PCSD Status:
db1: Online
db2: Online
Daemon Status:
corosync: active/disabled
pacemaker: active/disabled
pcsd: active/enabled
Details:
I have 2 nodes (db1, db2) with shared storage (SAN). Both servers are in RHEL7.1. Now I want to add the storage as a resource. According to RHEL documentation DLM and CLVMD should be added also as a resource. I discovered that the error will disapper when STONITH is enabled, but still DLM is not starting. The log says it needs Fencing Device to be configured, which I don't have right now.
Any work around for this? Do we have a way to disable the fence mechanism and still make the cluster work? Thank you so much in advance!
Source: (StackOverflow)
I ‘m having difficulty sending mail.
My mail.rc is below
account gmail {
set smtp-use-starttls
set ssl-verify=ignore
set smtp-auth=login
set smtp=smtp://smtp.gmail.com:587
set from=”email@gmail.com”
set smtp-auth-user=uname
set smtp-auth-password=***********
set ssl-verify=ignore
set nss-config-dir=/etc/pki/nssdb/
}
But I’m getting error
[root@localhost ~]# echo -e “Mail body text” | mailx -A gmail -s“Mail subject” uname.example.com
[root@localhost ~]# Error in certificate: Peer’s certificate issuer is not recognized.
smtp-server: 534-5.7.14 Please log in via your web browser and
smtp-server: 534-5.7.14 then try again.
smtp-server: 534-5.7.14 Learn more at
smtp-server: 534 5.7.14 https://support.google.com/mail/answer/78754 205sm11220769pfy.32 – gsmtp
“/root/dead.letter” 11/337
. . . message not sent.
I think I’m having a certificate issue. I used the firefox certificates also. Still same issue.
I’m using RHEL7 .
Could you please help me
Source: (StackOverflow)
I have a scenario of REQ/ REP where the replier keeps polling for any requests coming from the requester using the standard poller apis.
we have a ruby implementation of the above scenario.
The issue we are facing is that the above scenario works only with the ipc protocol and not with the tcp protocol(in the bind and connect urls of replier and requester respectively).
However if we go by the standard requester / replier with the send/receive function then the whole process works well with the tcp and ipc protocol both.
The issue happens on changing the the replier code to the poller implementation and the requester/replier are not able to communicate with each other.
We also tried out the corresponding C++ implementation and it seems to work fine for both tcp/ipc protocols and both standard/poller implementations
I want to know if there is any important part missing in the code or some OS setting that needs to be changed to get the ruby code working with the poller implementation?
RUBY implementation
REQUESTER
require 'rubygems'
require 'ffi-rzmq'
context = ZMQ::Context.new
puts "Connecting to the Server..."
requester = context.socket(ZMQ::REQ)
requester.connect("tcp://localhost:5555")
puts "Calling server"
requester.send_string 'Shiraaz'
puts 'After send'
reply = ''
requester.recv_string(reply)
puts 'After receieve'
puts reply
REPLIER with standard receive/send implementation
require 'rubygems'
require 'ffi-rzmq'
context = ZMQ::Context.new
puts "Connecting to the Server..."
requester = context.socket(ZMQ::REQ)
requester.connect("tcp://localhost:5555")
puts "Calling server"
requester.send_string 'Shiraaz'
puts 'After send'
reply = ''
requester.recv_string(reply)
puts 'After receieve'
puts reply
REPLIER with poller implementation
require 'rubygems'
require 'ffi-rzmq'
puts "Starting Server..."
context = ZMQ::Context.new
socket = context.socket(ZMQ::REP)
socket.bind("tcp://localhost:5555") //This does not works...But changing it to socket.bind("ipc:///tmp/feed") and making the same change in the requester connect url makes it work
poller = ZMQ::Poller.new
poller.register(socket, ZMQ::POLLIN)
loop do
puts 'Before poll'
poller.poll(1000)
request = ''
puts 'After poll'
poller.readables.each do |sock|
puts 'here'
if sock === socket
sock.recv_string(request)
puts "Received request. Data: #{request.inspect}"
sock.send_string('Reply from the server')
end
end
end
Source: (StackOverflow)
I have setup an SVN server on RHEL 7.2 machine with in-built RPM. After I have created a repository.
After the creation of the repository demorepo, I was successful in accessing the repository in one client through 'svn+ssh' protocol using 'root' user.
But later I enabled path-based authorization and configured the svnserve.conf, passwd and authz files of the repository as below:
svnserve.conf file
anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
passwd file
rouser1 = pswd1
rouser2 = pswd2
rwuser1 = pswd3
rwuser2 = pswd4
spluser = pswd5
authz file
[groups]
readgrp = rouser1,rouser2,spluser
writegrp = rwuser1,rwuser2
[demorepo:/]
@readgrp = r
@writegrp = rw
[demorepo:/proj1]
spluser = rw
[demorepo:/proj2]
spluser =
Now, after the configuration of the above files, I am successful in accessing the repository through the "svn" protocol (not through the ssh tunnel) but I lost the access through the "svn+ssh" protocol.
So, is there any way to access the repository with the both the protocols simultaneously while path-based authorization is enabled? Or please let me know if I had done any mistake in my configuration?
Source: (StackOverflow)
I need help on installing saltstack on RHEL 7.
RHEL 7 server is from AWS Amazon.
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.0 (Maipo)
I'm getting an error during installation:
$ wget -O - http://bootstrap.saltstack.org | sudo sh
2014-08-04 09:41:45 (932 KB/s) - written to stdout [177548/177548]
- INFO: Found function install_red_hat_enterprise_linux_7_stable_deps
- INFO: Found function install_red_hat_enterprise_linux_stable
- INFO: Found function install_red_hat_enterprise_linux_stable_post
- INFO: Found function install_red_hat_enterprise_linux_restart_daemons
- INFO: Found function daemons_running
- INFO: Running install_red_hat_enterprise_linux_7_stable_deps()
- ERROR: Stable version is not available on RHEL 7 Beta/RC. Please set installation type to git.
- ERROR: Failed to run install_red_hat_enterprise_linux_7_stable_deps()!!!
Is this version of RHEL 7 not supported for saltstack?
Source: (StackOverflow)
I have a vendor-provided RPM that normally asks the user to accept an EULA agreement as part of package installation. Basically the preinstall script (as displayed by rpm -qa --scripts) looks like this:
rm -f /tmp/mypackage_EULA.txt
echo "Lots and lots of lines of EULA stuff" >> /tmp/mypackage_EULA.txt
echo "Press 'q' to continue" >> /tmp/mypackage_EULA.txt
less -X /tmp/mypackage_EULA.txt
echo "By installing this package you are agreeing to the license, &c."
echo "Press 'a' to agree"
ans=""
while [ "$ans" == "" ]
do
read -n 1 ans
done
if [ "$ans" != "a" ]; then
echo ""
echo "aborting ..."
exit 1
else
echo ""
echo "installing ..."
fi
The vendor's notes suggest using --noscripts if you don't want to have to manually accept the EULA.
However, what I'd like to do is to install it as part of Kickstart, either by adding it to the %packages list or having it installed automatically as a prereq for other packages I'm installing.
- Is there any way to specify a command or configuration option (e.g. --noscripts or --nodeps) for a specific package in the Kickstart %packages list?
- If not, what workarounds should I use to install a not-quite-standard RPM like this?
Source: (StackOverflow)
I created an instance from the RHEL7 image.
Installed java at /opt/jdk1.7 and edited /etc/enviroment to contain PATH=/opt/jdk1.7/bin:$PATH
Now performed a reboot.
Now when I try to login it allow to login using first part of email id then it ask for passpharse.
Now I am login as xyz.
Now I type java -version it gives me the correct version and also
echo $PATH prints the correct path.
Now I switch to root using sudo su
and whoami prints root and path get change and it does not cantain the java bin path in it.
How to export variables globally ?
PS: one strange thing is after i switch to root and again switch back to xyz. the path doesnt contain the path to java bin
Source: (StackOverflow)
It seems that the instances started from RHEL 7.1 AMIs does not write the SSH fingerprint into the system log (exactly nothing from cloud-init's output), therefore I can't use the 'Get System Log' menu on AWS UI or the command line tool to figure out the ssh fingerprint of the launched server.
On Centos 7 it works by default. Can it be an issue with the cloud-init config or is it something else?
Cloud-init runs successfully, the logs are present in /var/log after SSH-ing.
Source: (StackOverflow)
I am trying to install Oracle database software in RHEL7 Docker container.
Is such configuration supported?
I do not find any useful guide to do same.
Source: (StackOverflow)